DuckIntel / Security Tools
Paste raw logs and auto-detect format. Parse syslog, Apache, Nginx, Windows Event XML, JSON, and firewall logs. Filter by severity, search, and export.
The Log Analyzer automatically detects the format of pasted log data and parses it into a structured, searchable, filterable view. Supported formats include syslog (RFC 3164/5524), Apache and Nginx access logs, Windows Event XML, JSON application logs, iptables and pf firewall logs, and generic timestamped log lines. All processing happens in your browser — log data never leaves your machine.
Log analysis is one of the most time-consuming tasks in security operations. Raw log files are dense, repetitive, and inconsistent across different systems. The Log Analyzer strips away the noise, parses each line into structured fields (timestamp, severity, source, message), and lets you filter by severity level, search for keywords, and focus on critical and error events. A guided beginner walkthrough explains what each section means and what to investigate first.
The timeline view shows log activity distribution over time, helping you identify event spikes that correspond to attack activity. The severity breakdown reveals the ratio of critical, error, warning, and info events at a glance. The top sources panel shows which systems or processes are generating the most log activity, which can indicate a misconfiguration or active attack. Results can be exported to clipboard for inclusion in incident reports.
Related tools
Windows Event ID ReferenceCommand AnalyzerSIEM Query BuilderIncident Timeline Builder
Part of DuckIntel.io — 59 free browser-based security tools for SOC analysts. No login. No tracking. 100% client-side.